The Cyber Security Engineer works as a member of the Information Protection Office in the Information Technology Division (IT). Will act as a lead network forensic analyst and incident responder to process and mitigate threats. Provide cyber threat protection to intellectual property, networks, and sensitive data. responsible for conducting penetration tests and vulnerability assessments as it relates to production systems
Analytical triage and prioritization of concurrent incidents.
Analyze, respond to, and lead security incidents, including Application and Network attempted and realized breaches.
Ensure incident response includes host and network-based log analysis, correlation of network indicators, PCAP data, incident timeline generation, and root cause analysis among other data sources.
Perform daily in-depth analysis of current network threat activity and trends developing in the future.
Perform Application Penetrations testing as needed and analyze any findings that may result.
Perform Vulnerability Scans as needed and analyze any findings that may result.
Correlate event data for IDS systems, Firewalls, Secure Web Gateways, SIEMs, and other security systems for potential threats.
Experience with tools such as Perl, Python, or other scripting language in an incident handling environment. EnCase, Wireshark, Hex Rays, IDA Pro or Hex workshop, ArcSight
Education, Certifications, or Special Licenses:
Industry certifications such as CISSP, GCFE, GCFA, GCIA, GPEN, GWAPT, CEH, EnCE, etc